package com.wubai.ranger.api;

import com.wubai.ranger.RangerClient;
import com.wubai.ranger.config.RangerClientConfig;
import com.wubai.ranger.model.*;


import java.util.*;

import static org.junit.Assert.assertNotNull;


public class PolicyApiWoker {

    private static RangerClient rangerClient;

    public void initRangerClient() {
        rangerClient = new RangerClient(new RangerClientConfig());

        rangerClient.start();
    }


    public void CreatePolicy() {
        PolicyResource policyResource = PolicyResource.builder()
                .values(Collections.singletonList("other"))
                .isExcludes(true)
                .build();
        Map<String, PolicyResource> policyResourceMap = new HashMap<>();
        policyResourceMap.put("database", policyResource);
        List<String> groups = new ArrayList<>();
        groups.add("hive");
        groups.add("supergroup");
        groups.add("hadoop");
        groups.add("hadoopmanager");
        groups.add("public");
        groups.add("kafka");
        groups.add("kmsadmin");
        List<PolicyItemAccess> policyItemAccessList = new ArrayList<>();
        policyItemAccessList.add(PolicyItemAccess.builder().type("Drop").build());
        List<PolicyItemAccess> objects = new ArrayList<>();
        PolicyItem policyItem = PolicyItem.builder()
                .delegateAdmin(true).groups(groups)
                .accesses(policyItemAccessList)
                .build();
        Policy policy = Policy.builder()
                .service("Hive")
                .name("deny-all-db-drop")
                .isEnabled(true).policyType(0)// policyType(0) 对应Access页面
                .resources(policyResourceMap)
                .denyPolicyItems(Collections.singletonList(policyItem))
                .build();
        policy.setDescription("Grant to all users deny access drop to all databases in Hive");
        Policy result = rangerClient.getPolicyApi().createPolicy(policy);
        assertNotNull(result);
        System.out.println("CreatePolicy:" + result.getName());
    }
    public void GetPolicyByName() {
        Policy result = rangerClient.getPolicyApi()
                .getPolicyByName("Hive", "deny-all-db-drop");
        assertNotNull(result);
        System.out.println("GetPolicyByName:" + result.getName());
    }
    public void GetAllPoliciesByService() {
        List<Policy> result = rangerClient.getPolicyApi()
                .getAllPoliciesByService("Hive");
        assertNotNull(result);
        System.out.println("GetAllPoliciesByService:" + result.size());
    }
    public void DeletePolicy() {
        Policy result = null;
        try {
            result = rangerClient.getPolicyApi()
                    .getPolicyByName("Hive", "deny-all-db-drop");
            assertNotNull(result);
            rangerClient.getPolicyApi().deletePolicy(result.getId());
//            System.out.println(result);
            System.out.println("DeletePolicy:" + result.getName());
        } catch (Exception e) {
            System.out.println("Policy" + e.toString());
        }

    }
    public void FilteredAuditData() {
        List<AuditData> result = rangerClient.getPolicyApi()
                .filteredAuditData("testuser","sharkdw");
        assertNotNull(result);
        System.out.println("Filtered audit data:" + result.size());
    }

    public static void main(String[] args) {
//        System.setProperty("javax.net.ssl.trustStore", "C:\\Program Files\\Java\\jre1.8.0_351\\lib\\security\\cacerts");
//        System.setProperty("javax.net.ssl.trustStorePassword", "changeit");
        PolicyApiWoker policyApiWoker = new PolicyApiWoker();
        policyApiWoker.initRangerClient();
        policyApiWoker.DeletePolicy();
        policyApiWoker.CreatePolicy();
        policyApiWoker.GetPolicyByName();
        policyApiWoker.GetAllPoliciesByService();
//        policyApiWoker.FilteredAuditData();


    }
}